I am using the following script to process a form to add info to my website. The problem I am having is when I submit the form nothing gets submitted to the database, and there are no errors. How can I add error reporting to my query?

if (isset($_POST['itemdescription'])) {$itemdescription = $_POST['itemdescription'];}else {$itemdescription = '';}
if (isset($_POST['itemnumber'])) {$itemnumber = $_POST['itemnumber'];}else {$itemnumber = '';}
if (isset($_POST['sellerid'])) {$sellerid = $_POST['sellerid'];}else {$sellerid = '';}
if (isset($_POST['purchasedate'])) {$purchasedatepre = $_POST['purchasedate'];$date = DateTime::createFromFormat("D F d, Y", $purchasedatepre);$purchasedate = date('Y-m-d',strtotime($purchasedatepre));}else {$purchasedatepre = ''; $purchasedate = '';}
if (isset($_POST['otherinfo'])) {$otherinfo = $_POST['otherinfo'];}else {$otherinfo = '';}
if (isset($_POST['numberofitems'])) {$numberofitems = $_POST['numberofitems'];}else {$numberofitems = '';}
if (isset($_POST['numberofitemsused'])) {$numberofitemsused = $_POST['numberofitemsused'];}else {$numberofitemsused = '';}
if (isset($_POST['isitdelivered'])) {$isitdelivered = $_POST['isitdelivered'];}else {$isitdelivered = '';}
if (isset($_POST['price'])) {$price = $_POST['price'];}else {$price = '';}

$itemdescription = str_replace("'", "", "$itemdescription");
$itemnumber = str_replace("'", "", "$itemnumber");
$sellerid = str_replace("'", "", "$sellerid");
$otherinfo = str_replace("'", "", "$otherinfo");


mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')");

// header('Location: stockmanager.php?&key='.$key);

Solution 1

Just simply add or die(mysqli_error($db)); at the end of your query, this will print the mysqli error.

 mysqli_query($db,"INSERT INTO stockdetails (`itemdescription`,`itemnumber`,`sellerid`,`purchasedate`,`otherinfo`,`numberofitems`,`isitdelivered`,`price`) VALUES ('$itemdescription','$itemnumber','$sellerid','$purchasedate','$otherinfo','$numberofitems','$numberofitemsused','$isitdelivered','$price')") or die(mysqli_error($db));

As a side note I'd say you are at risk of mysql injection, check here How can I prevent SQL injection in PHP?. You should really use prepared statements to avoid any risk.

Solution 2


As in:

$sql = "Your SQL statement here";
$result = mysqli_query($conn, $sql) or trigger_error("Query Failed! SQL: $sql - Error: ".mysqli_error($conn), E_USER_ERROR);

Trigger error is better than die because you can use it for development AND production, it's the permanent solution.